diff options
-rw-r--r-- | AUTHORS | 7 | ||||
-rw-r--r-- | Makefile.am | 4 | ||||
-rw-r--r-- | Makefile.nmake | 3 | ||||
-rw-r--r-- | doc/ethereal.pod.template | 1 | ||||
-rw-r--r-- | packet-yhoo.c | 66 | ||||
-rw-r--r-- | packet-yhoo.h | 85 | ||||
-rw-r--r-- | packet-ymsg.c | 392 |
7 files changed, 467 insertions, 91 deletions
@@ -201,7 +201,8 @@ Christophe Tronche <ch.tronche[AT]computer.org> { } Nathan Neulinger <nneul[AT]umr.edu> { - Yahoo messenger and pager protocol support + Yahoo Messenger YHOO protocol, and Yahoo Pager (YPNS?) protocol + support NTP (Network Time Protocol) support RX protocol support Andrew File System protocol support @@ -1623,6 +1624,10 @@ Martijn Schipper <martijn.schipper [AT] intersil.com> { Fix for tag for 802.11g ERP Information field } +Wayne Parrott <wayne_p [AT] pacific.net.au> { + Yahoo Messenger YMSG protocol support +} + And assorted fixes and enhancements by the people listed above and by: Pavel Roskin <proski [AT] gnu.org> diff --git a/Makefile.am b/Makefile.am index 71497d21e9..81dbc4ee5f 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,7 @@ # Makefile.am # Automake file for Ethereal # -# $Id: Makefile.am,v 1.559 2003/02/27 02:45:42 guy Exp $ +# $Id: Makefile.am,v 1.560 2003/03/01 00:09:00 guy Exp $ # # Ethereal - Network traffic analyzer # By Gerald Combs <gerald@ethereal.com> @@ -399,6 +399,7 @@ DISSECTOR_SRC = \ packet-xot.c \ packet-xyplex.c \ packet-yhoo.c \ + packet-ymsg.c \ packet-ypbind.c \ packet-yppasswd.c \ packet-ypserv.c \ @@ -629,7 +630,6 @@ noinst_HEADERS = \ packet-wtls.h \ packet-wtp.h \ packet-x11-keysym.h \ - packet-yhoo.h \ packet-ypbind.h \ packet-yppasswd.h \ packet-ypserv.h \ diff --git a/Makefile.nmake b/Makefile.nmake index 5471c769e3..3619147809 100644 --- a/Makefile.nmake +++ b/Makefile.nmake @@ -1,7 +1,7 @@ ## Makefile for building ethereal.exe with Microsoft C and nmake ## Use: $(MAKE) /$(MAKEFLAGS) -f makefile.nmake # -# $Id: Makefile.nmake,v 1.282 2003/02/27 02:45:42 guy Exp $ +# $Id: Makefile.nmake,v 1.283 2003/03/01 00:09:00 guy Exp $ include config.nmake include <win32.mak> @@ -342,6 +342,7 @@ DISSECTOR_SRC = \ packet-xot.c \ packet-xyplex.c \ packet-yhoo.c \ + packet-ymsg.c \ packet-ypbind.c \ packet-yppasswd.c \ packet-ypserv.c \ diff --git a/doc/ethereal.pod.template b/doc/ethereal.pod.template index 086d45a082..3c456e990f 100644 --- a/doc/ethereal.pod.template +++ b/doc/ethereal.pod.template @@ -1726,6 +1726,7 @@ B<http://www.ethereal.com>. Pasi Kovanen <Pasi.Kovanen [AT] tahoenetworks.fi> Teemu Rinta-aho <teemu.rinta-aho [AT] nomadiclab.com> Martijn Schipper <martijn.schipper [AT] intersil.com> + Wayne Parrott <wayne_p [AT] pacific.net.au> Pavel Roskin <proski [AT] gnu.org> Laurent Meyer <laurent.meyer [AT] thales-avionics.com> Georgi Guninski <guninski [AT] guninski.com> diff --git a/packet-yhoo.c b/packet-yhoo.c index 53a580b4d7..9b3636cf98 100644 --- a/packet-yhoo.c +++ b/packet-yhoo.c @@ -2,7 +2,7 @@ * Routines for yahoo messenger packet dissection * Copyright 1999, Nathan Neulinger <nneul@umr.edu> * - * $Id: packet-yhoo.c,v 1.25 2002/08/28 21:00:40 jmayer Exp $ + * $Id: packet-yhoo.c,v 1.26 2003/03/01 00:09:00 guy Exp $ * * Ethereal - Network traffic analyzer * By Gerald Combs <gerald@ethereal.com> @@ -34,7 +34,6 @@ #include <string.h> #include <glib.h> #include <epan/packet.h> -#include "packet-yhoo.h" static int proto_yhoo = -1; static int hf_yhoo_version = -1; @@ -52,6 +51,62 @@ static gint ett_yhoo = -1; #define TCP_PORT_YHOO 5050 +/* This is from yahoolib.h from gtkyahoo */ + +/* Service constants */ +#define YAHOO_SERVICE_LOGON 1 +#define YAHOO_SERVICE_LOGOFF 2 +#define YAHOO_SERVICE_ISAWAY 3 +#define YAHOO_SERVICE_ISBACK 4 +#define YAHOO_SERVICE_IDLE 5 +#define YAHOO_SERVICE_MESSAGE 6 +#define YAHOO_SERVICE_IDACT 7 +#define YAHOO_SERVICE_IDDEACT 8 +#define YAHOO_SERVICE_MAILSTAT 9 +#define YAHOO_SERVICE_USERSTAT 10 +#define YAHOO_SERVICE_NEWMAIL 11 +#define YAHOO_SERVICE_CHATINVITE 12 +#define YAHOO_SERVICE_CALENDAR 13 +#define YAHOO_SERVICE_NEWPERSONALMAIL 14 +#define YAHOO_SERVICE_NEWCONTACT 15 +#define YAHOO_SERVICE_ADDIDENT 16 +#define YAHOO_SERVICE_ADDIGNORE 17 +#define YAHOO_SERVICE_PING 18 +#define YAHOO_SERVICE_GROUPRENAME 19 +#define YAHOO_SERVICE_SYSMESSAGE 20 +#define YAHOO_SERVICE_PASSTHROUGH2 22 +#define YAHOO_SERVICE_CONFINVITE 24 +#define YAHOO_SERVICE_CONFLOGON 25 +#define YAHOO_SERVICE_CONFDECLINE 26 +#define YAHOO_SERVICE_CONFLOGOFF 27 +#define YAHOO_SERVICE_CONFADDINVITE 28 +#define YAHOO_SERVICE_CONFMSG 29 +#define YAHOO_SERVICE_CHATLOGON 30 +#define YAHOO_SERVICE_CHATLOGOFF 31 +#define YAHOO_SERVICE_CHATMSG 32 +#define YAHOO_SERVICE_FILETRANSFER 70 + +/* Message flags */ +#define YAHOO_MSGTYPE_NONE 0 +#define YAHOO_MSGTYPE_NORMAL 1 +#define YAHOO_MSGTYPE_BOUNCE 2 +#define YAHOO_MSGTYPE_STATUS 4 +#define YAHOO_MSGTYPE_OFFLINE 1515563606 /* yuck! */ + +struct yahoo_rawpacket +{ + char version[8]; /* 7 chars and trailing null */ + unsigned char len[4]; /* length - little endian */ + unsigned char service[4]; /* service - little endian */ + unsigned char connection_id[4]; /* connection number - little endian */ + unsigned char magic_id[4]; /* magic number used for http session */ + unsigned char unknown1[4]; + unsigned char msgtype[4]; + char nick1[36]; + char nick2[36]; + char content[1]; /* was zero, had problems with aix xlc */ +}; + static const value_string yhoo_service_vals[] = { {YAHOO_SERVICE_LOGON, "Pager Logon"}, {YAHOO_SERVICE_LOGOFF, "Pager Logoff"}, @@ -232,5 +287,12 @@ proto_register_yhoo(void) void proto_reg_handoff_yhoo(void) { + /* + * DO NOT register for port 5050, as that's used by the + * old and new Yahoo messenger protocols. + * + * Just register as a heuristic TCP dissector, and reject stuff + * not to or from that port. + */ heur_dissector_add("tcp", dissect_yhoo, proto_yhoo); } diff --git a/packet-yhoo.h b/packet-yhoo.h deleted file mode 100644 index 3d1546088d..0000000000 --- a/packet-yhoo.h +++ /dev/null @@ -1,85 +0,0 @@ -/* packet-yhoo.h - * Definitions for packet disassembly structures and routines - * - * $Id: packet-yhoo.h,v 1.8 2002/08/28 21:00:40 jmayer Exp $ - * - * Ethereal - Network traffic analyzer - * By Gerald Combs <gerald@zing.org> - * Copyright 1998 Gerald Combs - * - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -/* This is from yahoolib.h from gtkyahoo */ - -#ifndef YAHOO_LIB_H -#define YAHOO_LIB_H - -/* Service constants */ -#define YAHOO_SERVICE_LOGON 1 -#define YAHOO_SERVICE_LOGOFF 2 -#define YAHOO_SERVICE_ISAWAY 3 -#define YAHOO_SERVICE_ISBACK 4 -#define YAHOO_SERVICE_IDLE 5 -#define YAHOO_SERVICE_MESSAGE 6 -#define YAHOO_SERVICE_IDACT 7 -#define YAHOO_SERVICE_IDDEACT 8 -#define YAHOO_SERVICE_MAILSTAT 9 -#define YAHOO_SERVICE_USERSTAT 10 -#define YAHOO_SERVICE_NEWMAIL 11 -#define YAHOO_SERVICE_CHATINVITE 12 -#define YAHOO_SERVICE_CALENDAR 13 -#define YAHOO_SERVICE_NEWPERSONALMAIL 14 -#define YAHOO_SERVICE_NEWCONTACT 15 -#define YAHOO_SERVICE_ADDIDENT 16 -#define YAHOO_SERVICE_ADDIGNORE 17 -#define YAHOO_SERVICE_PING 18 -#define YAHOO_SERVICE_GROUPRENAME 19 -#define YAHOO_SERVICE_SYSMESSAGE 20 -#define YAHOO_SERVICE_PASSTHROUGH2 22 -#define YAHOO_SERVICE_CONFINVITE 24 -#define YAHOO_SERVICE_CONFLOGON 25 -#define YAHOO_SERVICE_CONFDECLINE 26 -#define YAHOO_SERVICE_CONFLOGOFF 27 -#define YAHOO_SERVICE_CONFADDINVITE 28 -#define YAHOO_SERVICE_CONFMSG 29 -#define YAHOO_SERVICE_CHATLOGON 30 -#define YAHOO_SERVICE_CHATLOGOFF 31 -#define YAHOO_SERVICE_CHATMSG 32 -#define YAHOO_SERVICE_FILETRANSFER 70 - -/* Message flags */ -#define YAHOO_MSGTYPE_NONE 0 -#define YAHOO_MSGTYPE_NORMAL 1 -#define YAHOO_MSGTYPE_BOUNCE 2 -#define YAHOO_MSGTYPE_STATUS 4 -#define YAHOO_MSGTYPE_OFFLINE 1515563606 /* yuck! */ - -struct yahoo_rawpacket -{ - char version[8]; /* 7 chars and trailing null */ - unsigned char len[4]; /* length - little endian */ - unsigned char service[4]; /* service - little endian */ - unsigned char connection_id[4]; /* connection number - little endian */ - unsigned char magic_id[4]; /* magic number used for http session */ - unsigned char unknown1[4]; - unsigned char msgtype[4]; - char nick1[36]; - char nick2[36]; - char content[1]; /* was zero, had problems with aix xlc */ -}; - -#endif diff --git a/packet-ymsg.c b/packet-ymsg.c new file mode 100644 index 0000000000..aba907f1e7 --- /dev/null +++ b/packet-ymsg.c @@ -0,0 +1,392 @@ +/* packet-ymsg.c + * Routines for Yahoo Messenger YMSG protocol packet version 9 dissection + * Copyright 2003, Wayne Parrott <wayne_p@pacific.net.au> + * Copied from packet-yhoo.c and updated + * + * $Id: packet-ymsg.c,v 1.1 2003/03/01 00:09:00 guy Exp $ + * + * Ethereal - Network traffic analyzer + * By Gerald Combs <gerald@ethereal.com> + * Copyright 1998 Gerald Combs + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include <stdio.h> + +#include <string.h> +#include <glib.h> +#include <epan/packet.h> + +static int proto_ymsg = -1; +static int hf_ymsg_version = -1; +static int hf_ymsg_len = -1; +static int hf_ymsg_service = -1; +static int hf_ymsg_status = -1; +static int hf_ymsg_session_id = -1; +static int hf_ymsg_content = -1; + +static gint ett_ymsg = -1; +static gint ett_ymsg_content = -1; + +#define TCP_PORT_YMSG 23 /* XXX - this is Telnet! */ +#define TCP_PORT_YMSG_2 25 /* And this is SMTP! */ +#define TCP_PORT_YMSG_3 5050 /* This, however, is regular Yahoo Messenger */ + +/* + * This is from yahoolib2.c from libyahoo2. + * + * See also + * + * http://libyahoo2.sourceforge.net/ymsg-9.txt + * + * and + * + * http://www.venkydude.com/articles/yahoo.htm + */ + +/* Service constants */ +enum yahoo_service { /* these are easier to see in hex */ + YAHOO_SERVICE_LOGON = 1, + YAHOO_SERVICE_LOGOFF, + YAHOO_SERVICE_ISAWAY, + YAHOO_SERVICE_ISBACK, + YAHOO_SERVICE_IDLE, /* 5 (placemarker) */ + YAHOO_SERVICE_MESSAGE, + YAHOO_SERVICE_IDACT, + YAHOO_SERVICE_IDDEACT, + YAHOO_SERVICE_MAILSTAT, + YAHOO_SERVICE_USERSTAT, /* 0xa */ + YAHOO_SERVICE_NEWMAIL, + YAHOO_SERVICE_CHATINVITE, + YAHOO_SERVICE_CALENDAR, + YAHOO_SERVICE_NEWPERSONALMAIL, + YAHOO_SERVICE_NEWCONTACT, + YAHOO_SERVICE_ADDIDENT, /* 0x10 */ + YAHOO_SERVICE_ADDIGNORE, + YAHOO_SERVICE_PING, + YAHOO_SERVICE_GOTGROUPRENAME, /* < 1, 36(old), 37(new) */ + YAHOO_SERVICE_SYSMESSAGE = 0x14, + YAHOO_SERVICE_PASSTHROUGH2 = 0x16, + YAHOO_SERVICE_CONFINVITE = 0x18, + YAHOO_SERVICE_CONFLOGON, + YAHOO_SERVICE_CONFDECLINE, + YAHOO_SERVICE_CONFLOGOFF, + YAHOO_SERVICE_CONFADDINVITE, + YAHOO_SERVICE_CONFMSG, + YAHOO_SERVICE_CHATLOGON, + YAHOO_SERVICE_CHATLOGOFF, + YAHOO_SERVICE_CHATMSG = 0x20, + YAHOO_SERVICE_GAMELOGON = 0x28, + YAHOO_SERVICE_GAMELOGOFF, + YAHOO_SERVICE_GAMEMSG = 0x2a, + YAHOO_SERVICE_FILETRANSFER = 0x46, + YAHOO_SERVICE_VOICECHAT = 0x4A, + YAHOO_SERVICE_NOTIFY, + YAHOO_SERVICE_VERIFY, + YAHOO_SERVICE_P2PFILEXFER, + YAHOO_SERVICE_PEERTOPEER = 0x4F, /* Checks if P2P possible */ + YAHOO_SERVICE_AUTHRESP = 0x54, + YAHOO_SERVICE_LIST, + YAHOO_SERVICE_AUTH = 0x57, + YAHOO_SERVICE_ADDBUDDY = 0x83, + YAHOO_SERVICE_REMBUDDY, + YAHOO_SERVICE_IGNORECONTACT, /* > 1, 7, 13 < 1, 66, 13, 0*/ + YAHOO_SERVICE_REJECTCONTACT, + YAHOO_SERVICE_GROUPRENAME = 0x89, /* > 1, 65(new), 66(0), 67(old) */ + YAHOO_SERVICE_CHATONLINE = 0x96, /* > 109(id), 1, 6(abcde) < 0,1*/ + YAHOO_SERVICE_CHATGOTO, + YAHOO_SERVICE_CHATJOIN, /* > 1 104-room 129-1600326591 62-2 */ + YAHOO_SERVICE_CHATLEAVE, + YAHOO_SERVICE_CHATEXIT = 0x9b, + YAHOO_SERVICE_CHATLOGOUT = 0xa0, + YAHOO_SERVICE_CHATPING, + YAHOO_SERVICE_COMMENT = 0xa8 +}; + +/* Message flags */ +enum yahoo_status { + YAHOO_STATUS_AVAILABLE = 0, + YAHOO_STATUS_BRB, + YAHOO_STATUS_BUSY, + YAHOO_STATUS_NOTATHOME, + YAHOO_STATUS_NOTATDESK, + YAHOO_STATUS_NOTINOFFICE, + YAHOO_STATUS_ONPHONE, + YAHOO_STATUS_ONVACATION, + YAHOO_STATUS_OUTTOLUNCH, + YAHOO_STATUS_STEPPEDOUT, + YAHOO_STATUS_INVISIBLE = 12, + YAHOO_STATUS_CUSTOM = 99, + YAHOO_STATUS_IDLE = 999, + YAHOO_STATUS_OFFLINE = 0x5a55aa56, /* don't ask */ + YAHOO_STATUS_TYPING = 0x16 +}; + +struct yahoo_rawpacket +{ + char ymsg[4]; /* Packet identification string (YMSG) */ + unsigned char version[4]; /* 4 bytes, little endian? */ + unsigned char len[2]; /* length - little endian */ + unsigned char service[2]; /* service - little endian */ + unsigned char status[4]; /* Status - online, away etc.*/ + unsigned char session_id[4]; /* Session ID */ + char content[6]; /* 6 is the minimum size of the content */ +}; + +static const value_string ymsg_service_vals[] = { + {YAHOO_SERVICE_LOGON, "Pager Logon"}, + {YAHOO_SERVICE_LOGOFF, "Pager Logoff"}, + {YAHOO_SERVICE_ISAWAY, "Is Away"}, + {YAHOO_SERVICE_ISBACK, "Is Back"}, + {YAHOO_SERVICE_IDLE, "Idle"}, + {YAHOO_SERVICE_MESSAGE, "Message"}, + {YAHOO_SERVICE_IDACT, "Activate Identity"}, + {YAHOO_SERVICE_IDDEACT, "Deactivate Identity"}, + {YAHOO_SERVICE_MAILSTAT, "Mail Status"}, + {YAHOO_SERVICE_USERSTAT, "User Status"}, + {YAHOO_SERVICE_NEWMAIL, "New Mail"}, + {YAHOO_SERVICE_CHATINVITE, "Chat Invitation"}, + {YAHOO_SERVICE_CALENDAR, "Calendar Reminder"}, + {YAHOO_SERVICE_NEWPERSONALMAIL, "New Personals Mail"}, + {YAHOO_SERVICE_NEWCONTACT, "New Friend"}, + {YAHOO_SERVICE_ADDIDENT, "Add Identity"}, + {YAHOO_SERVICE_ADDIGNORE, "Add Ignore"}, + {YAHOO_SERVICE_PING, "Ping"}, + {YAHOO_SERVICE_GOTGROUPRENAME, "YAHOO_SERVICE_GOTGROUPRENAME"}, + {YAHOO_SERVICE_SYSMESSAGE, "System Message"}, + {YAHOO_SERVICE_PASSTHROUGH2, "Passthrough 2"}, + {YAHOO_SERVICE_CONFINVITE, "Conference Invitation"}, + {YAHOO_SERVICE_CONFLOGON, "Conference Logon"}, + {YAHOO_SERVICE_CONFDECLINE, "Conference Decline"}, + {YAHOO_SERVICE_CONFLOGOFF, "Conference Logoff"}, + {YAHOO_SERVICE_CONFADDINVITE, "Conference Additional Invitation"}, + {YAHOO_SERVICE_CONFMSG, "Conference Message"}, + {YAHOO_SERVICE_CHATLOGON, "Chat Logon"}, + {YAHOO_SERVICE_CHATLOGOFF, "Chat Logoff"}, + {YAHOO_SERVICE_CHATMSG, "Chat Message"}, + {YAHOO_SERVICE_GAMELOGON, "Game Logon"}, + {YAHOO_SERVICE_GAMELOGOFF, "Game Logoff"}, + {YAHOO_SERVICE_GAMEMSG, "Game Message"}, + {YAHOO_SERVICE_FILETRANSFER, "File Transfer"}, + {YAHOO_SERVICE_VOICECHAT, "Voice Chat"}, + {YAHOO_SERVICE_NOTIFY, "YAHOO_SERVICE_NOTIFY"}, + {YAHOO_SERVICE_VERIFY, "YAHOO_SERVICE_VERIFY"}, + {YAHOO_SERVICE_P2PFILEXFER, "YAHOO_SERVICE_P2PFILEXFER"}, + {YAHOO_SERVICE_PEERTOPEER, "YAHOO_SERVICE_PEERTOPEER"}, + {YAHOO_SERVICE_AUTHRESP, "YAHOO_SERVICE_AUTHRESP"}, + {YAHOO_SERVICE_LIST, "YAHOO_SERVICE_LIST"}, + {YAHOO_SERVICE_AUTH, "YAHOO_SERVICE_AUTH"}, + {YAHOO_SERVICE_ADDBUDDY, "YAHOO_SERVICE_ADDBUDDY"}, + {YAHOO_SERVICE_REMBUDDY, "YAHOO_SERVICE_REMBUDDY"}, + {YAHOO_SERVICE_IGNORECONTACT, "YAHOO_SERVICE_IGNORECONTACT"}, + {YAHOO_SERVICE_REJECTCONTACT, "YAHOO_SERVICE_REJECTCONTACT"}, + {YAHOO_SERVICE_GROUPRENAME, "Group Renamed"}, + {YAHOO_SERVICE_CHATONLINE, "YAHOO_SERVICE_CHATONLINE"}, + {YAHOO_SERVICE_CHATGOTO, "YAHOO_SERVICE_CHATGOTO"}, + {YAHOO_SERVICE_CHATJOIN, "YAHOO_SERVICE_CHATJOIN"}, + {YAHOO_SERVICE_CHATLEAVE, "YAHOO_SERVICE_CHATLEAVE"}, + {YAHOO_SERVICE_CHATEXIT, "YAHOO_SERVICE_CHATEXIT"}, + {YAHOO_SERVICE_CHATLOGOUT, "YAHOO_SERVICE_CHATLOGOUT"}, + {YAHOO_SERVICE_CHATPING, "YAHOO_SERVICE_CHATPING"}, + {YAHOO_SERVICE_COMMENT, "YAHOO_SERVICE_COMMENT"}, + {0, NULL} +}; + +static const value_string ymsg_status_vals[] = { + {YAHOO_STATUS_AVAILABLE, "YAHOO_STATUS_AVAILABLE"}, + {YAHOO_STATUS_BRB, "YAHOO_STATUS_BRB"}, + {YAHOO_STATUS_BUSY, "YAHOO_STATUS_BUSY"}, + {YAHOO_STATUS_NOTATHOME, "YAHOO_STATUS_NOTATHOME"}, + {YAHOO_STATUS_NOTATDESK, "YAHOO_STATUS_NOTATDESK"}, + {YAHOO_STATUS_NOTINOFFICE, "YAHOO_STATUS_NOTINOFFICE"}, + {YAHOO_STATUS_ONPHONE, "YAHOO_STATUS_ONPHONE"}, + {YAHOO_STATUS_ONVACATION, "YAHOO_STATUS_ONVACATION"}, + {YAHOO_STATUS_OUTTOLUNCH, "YAHOO_STATUS_OUTTOLUNCH"}, + {YAHOO_STATUS_STEPPEDOUT, "YAHOO_STATUS_STEPPEDOUT"}, + {YAHOO_STATUS_INVISIBLE, "YAHOO_STATUS_INVISIBLE"}, + {YAHOO_STATUS_CUSTOM, "YAHOO_STATUS_CUSTOM"}, + {YAHOO_STATUS_IDLE, "YAHOO_STATUS_IDLE"}, + {YAHOO_STATUS_OFFLINE, "YAHOO_STATUS_OFFLINE"}, + {YAHOO_STATUS_TYPING, "YAHOO_STATUS_TYPING"}, + {0, NULL} +}; + +int +get_content_item_length(tvbuff_t *tvb, int offset) { + int origoffset = offset; + guint16 curdata; + for (;;) { + curdata = tvb_get_ntohs(tvb, offset); + if (curdata == 0xc080) { + break; + } + offset++; + } + return offset - origoffset; +} + +static gboolean +dissect_ymsg(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree) +{ + proto_tree *ymsg_tree, *ti; + proto_item *content_item; + proto_tree *content_tree; + char *keybuf; + char *valbuf; + int headersize = sizeof(struct yahoo_rawpacket)-6; + int keylen = 0; + int vallen = 0; + int offset = 0; + int content_len = 0; + + if ((pinfo->srcport != TCP_PORT_YMSG && pinfo->destport != TCP_PORT_YMSG) && + (pinfo->srcport != TCP_PORT_YMSG_2 && pinfo->destport != TCP_PORT_YMSG_2) && + (pinfo->srcport != TCP_PORT_YMSG_3 && pinfo->destport != TCP_PORT_YMSG_3)) { + /* Not the Yahoo port - not a Yahoo Messenger packet. */ + return FALSE; + } + + /* get at least a full packet structure */ + if ( !tvb_bytes_exist(tvb, 0, headersize) ) { + /* Not enough data captured; maybe it is a Yahoo + Messenger packet, but it contains too little data to + tell. */ + return FALSE; + } + + if (memcmp(tvb_get_ptr(tvb, offset, 4), "YMSG", 4) != 0) { + /* Not a Yahoo Messenger packet. */ + return FALSE; + } + + if (check_col(pinfo->cinfo, COL_PROTOCOL)) + col_set_str(pinfo->cinfo, COL_PROTOCOL, "YMSG"); + + offset = 0; + if (check_col(pinfo->cinfo, COL_INFO)) { + col_add_fstr(pinfo->cinfo, COL_INFO, + "%s, %s", + val_to_str(tvb_get_ntohs(tvb, offset + 10), + ymsg_service_vals, "Unknown Service: %u"), + val_to_str(tvb_get_ntohl(tvb, offset + 12), + ymsg_status_vals, "Unknown Status: %u") + ); + } + + if (tree) { + ti = proto_tree_add_item(tree, proto_ymsg, tvb, offset, -1, + FALSE); + ymsg_tree = proto_item_add_subtree(ti, ett_ymsg); + + offset += 4; /* skip the YMSG string */ + + proto_tree_add_item(ymsg_tree, hf_ymsg_version, tvb, + offset, 4, TRUE); + offset += 4; + + content_len = tvb_get_ntohs(tvb, offset); + proto_tree_add_item(ymsg_tree, hf_ymsg_len, tvb, + offset, 2, FALSE); + offset += 2; + + proto_tree_add_item(ymsg_tree, hf_ymsg_service, tvb, + offset, 2, FALSE); + offset += 2; + + proto_tree_add_item(ymsg_tree, hf_ymsg_status, tvb, + offset, 4, FALSE); + offset += 4; + + proto_tree_add_item(ymsg_tree, hf_ymsg_session_id, tvb, + offset, 4, TRUE); + offset += 4; + + content_item = proto_tree_add_item(ymsg_tree, hf_ymsg_content, tvb, + offset, -1, TRUE); + content_tree = proto_item_add_subtree(content_item, ett_ymsg_content); + + for (;;) { + if (offset >= headersize+content_len) { + break; + } + keylen = get_content_item_length (tvb, offset); + keybuf = tvb_format_text(tvb, offset, keylen); + vallen = get_content_item_length (tvb, offset+keylen+2); + content_item = proto_tree_add_text(content_tree, tvb, offset, keylen+vallen+4, "%s: ", keybuf); + valbuf = tvb_format_text(tvb, offset+keylen+2, vallen); + proto_item_append_text(content_item, "%s", valbuf); + offset += keylen+vallen+4; + } + } + + return TRUE; +} + +void +proto_register_ymsg(void) +{ + static hf_register_info hf[] = { + { &hf_ymsg_version, { + "Version", "ymsg.version", FT_UINT32, BASE_DEC, + NULL, 0, "Packet version identifier", HFILL }}, + { &hf_ymsg_len, { + "Packet Length", "ymsg.len", FT_UINT16, BASE_DEC, + NULL, 0, "Packet Length", HFILL }}, + { &hf_ymsg_service, { + "Service", "ymsg.service", FT_UINT16, BASE_DEC, + VALS(ymsg_service_vals), 0, "Service Type", HFILL }}, + { &hf_ymsg_status, { + "Status", "ymsg.status", FT_UINT32, BASE_DEC, + VALS(ymsg_status_vals), 0, "Message Type Flags", HFILL }}, + { &hf_ymsg_session_id, { + "Session ID", "ymsg.session_id", FT_UINT32, BASE_HEX, + NULL, 0, "Connection ID", HFILL }}, + { &hf_ymsg_content, { + "Content", "ymsg.content", FT_STRING, 0, + NULL, 0, "Data portion of the packet", HFILL }}, + }; + static gint *ett[] = { + &ett_ymsg, + &ett_ymsg_content, + }; + + proto_ymsg = proto_register_protocol("Yahoo YMSG Messenger Protocol", + "YMSG", "ymsg"); + + proto_register_field_array(proto_ymsg, hf, array_length(hf)); + + proto_register_subtree_array(ett, array_length(ett)); +} + +void +proto_reg_handoff_ymsg(void) +{ + /* + * DO NOT register for port 23, as that's Telnet, or for port + * 25, as that's SMTP. + * + * Also, DO NOT register for port 5050, as that's used by the + * old and new Yahoo messenger protocols. + * + * Just register as a heuristic TCP dissector, and reject stuff + * not to or from any of those ports. + */ + heur_dissector_add("tcp", dissect_ymsg, proto_ymsg); +} |